
5 matches found

IBM Security Bulletins
added 2023/01/03 4:3 p.m., 36 views

Security Bulletin: B2B API of IBM Sterling B2B Integrator vulnerable to security bypass due to OWASP ESAPI (CVE-2013-5960)

Summary: IBM Sterling B2B Integrator has addressed the vulnerability in OWASP ESAPI in B2B API. Vulnerability Details: CVEID: CVE-2013-5960. DESCRIPTION: OWASP ESAPI could allow a remote attacker to bypass security restrictions, caused by the failure to properly resist tampering with serialized...

CVSS 5.8, AI score 5.9, EPSS 0.01655
Exploits: 1, Affected Software: 1
vulnersOsv
added 2022/05/14 1:37 a.m., 8 views

cloud.genesys:web-messaging-sdk (>=3.0.0 <=5.0.0), cn.acooly:acooly-auth-wechat-authenticator (=5.2.1) +233 more potentially affected by CVE-2013-5960 via org.owasp.esapi:esapi (>=2.0.1 <=2.1.0)

org.owasp.esapi:esapi MAVEN version =2.0.1, =3.0.0, =5.0.0 - cn.acooly:acooly-auth-wechat-authenticator =5.2.1 - com.acooly:acooly-component-account =5.2.1 - com.acooly:acooly-component-app =5.2.1 - com.acooly:acooly-component-assetmgmt =5.2.1 - com.acooly:acooly-component-certification =5.2.1 -...

CVSS 5.8, AI score 5.8, EPSS 0.01655
Exploits: 1
Tenable Nessus
added 2015/01/15 12:0 a.m., 22 views

Fedora 20 : owasp-esapi-java-2.1.0-2.fc20 (2015-0259)

Release 2.1.0. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. (C) Tenable Network...

CVSS 5.8, AI score 8.2, EPSS 0.02426
Exploits: 2, References: 4
OpenVAS
added 2015/01/15 12:0 a.m., 20 views

Fedora Update for owasp-esapi-java FEDORA-2015-0259

The remote host is missing an update for the... SPDX-FileCopyrightText: 2015 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...

AI score 6.5
Exploits: 0, References: 2
CVE
added 2013/09/30 10:0 a.m., 84 views

CVE-2013-5960

CVE-2013-5960 affects OWASP ESAPI for Java (authenticated-encryption in the symmetric-encryption implementation) and could allow remote bypass of cryptographic protections through tampering of serialized ciphertext in non-default cipher-mode configurations. IBM Sterling B2B Integrator bulletin co...

CVSS 5.8, AI score 6.4, EPSS 0.01655
Exploits: 1, References: 7, Affected Software: 1